How To Check The Security Of A Linux PC With Lynis

If your Linux security is lacking, a good idea is to audit your system. A great way to run an audit is to use a program that tests security and offers concrete solutions. One such auditing tool is Lynis. It’s a a tool that can check the security of a Linux PC. It scans any Linux PC, tests its security, and prints out a list of possible issues and fixes. The best part of this tool is that it’s very simple to use and anyone can use it.

Ubuntu/Debian

Lynis has excellent support for Debian and Ubuntu through their own software repository. Enabling this software repository is a little different from other software sources, as it’s a traditional software repository. There are no PPAs or anything. This is so that Lynis works on both Debian and Ubuntu without issue.

To start the installation, launch a terminal window and download the correct GPG key.

RECOMMENDED FOR YOU

With the Apt-transport-https package working on your system, it’s safe to refresh the software sources. Run update in the terminal.

sudo apt update

or

sudo apt-get update

Finally, install Lynis.

sudo apt install lynis

or

sudo apt-get install lynis

Arch Linux

Like most programs, Arch has the Lynis security tool in the AUR. To install it, launch a terminal and install Git and the Base-devel packages. Then pull the code down and generate a new Arch package.

Note: please understand that installing software directly from the Arch AUR, rather than the official software sources means that sometimes dependencies do not install. You may need to install these packages manually if this happens during the Lynis installation process. Dependencies can be found at the bottom of this page here.

Generic Linux

The Lynis auditing tool has a generic Tarball for those on Linux distributions that don’t have direct support from the developer. Thankfully, this downloadable Tar archive requires no compilation of any kind. Instead, users just download it and run the program as is.

To install Lynis via a downloadable Tar archive, use the wget tool and download the package, then extract it.

Using Lynis

Lynis is a simple tool with a lot of options. For the average user, basic options will do. The most basic (yet comprehensive) operation that the program can do is to do a complete audit of the system. To run the audit, open up a terminal and enter the following command into it.

lynis audit system

Running the above command without any Sudoer privileges will scan many aspects of the system. However, it won’t get everything. Running a full scan requires sudo.

sudo lynis audit system --pentest

Need to save the results for later? Pipe them to a text file.

sudo lynis audit system >> /home/username/Documents/lynis-results.txt

Scan Docker File

Docker is becoming increasingly popular on Linux systems. With all of the pre-made Docker images out there, security breaches are bound to happen. Thankfully, Lynis allows users to scan Docker files and test them for issues. To run a test, try the following command.

lynis audit dockerfile /home/username/path/to/dockerfile

Quick Scan

Lynis can do many different types of scans. A scan that may be useful if you’re in a hurry is the “quick” scan mode. This mode tests basic areas of the system, for fasts results.